Login
Sign Up
Woofun AI reports that a crypto user suffered a near-$1 million loss on Wednesday after executing a malicious token approval on Ethereum, an incident highlighted by alerts from Scam Sniffer, CertiK, Chainalysis, and MetaMask. This specific breach underscores a widening vulnerability in wallet security protocols, where users are increasingly targeted by sophisticated social engineering campaigns designed to exploit trust in standard transaction signatures.
The attack mechanics unfolded with precision on Thursday, as scammers initially attempted to drain a rounded $1 million via multicalls but failed due to insufficient funds. Within seconds, the script recalculated and executed follow-up transfers to pull the exact remaining balance, resulting in the loss of 999,999 USDt (USDT). This adaptive approach demonstrates how malicious actors now employ dynamic logic to maximize extraction efficiency when initial parameters fail, leaving victims with negligible residual assets.
Woofun AI data shows that structurally, this incident is part of a larger trend where phishing losses totaled $366 million in the first half of the year, contributing to $723 million across 248 incidents in 2025. Blockchain security firm Chainalysis reported in June that onchain scams generated at least $14 billion in 2025, with investment scams remaining the dominant category. Approval phishing serves as a primary execution vector for these schemes, leveraging the complexity of smart contract interactions to mask malicious intent behind innocuous-seeming transactions.
Notably, researcher Ryan Coleman stated on Friday that such approvals grant attackers unlimited access, enabling an automated sweeper to drain funds instantly. Renato Bastos, a senior investigator at Chainalysis, added that scammers reuse the same wallets, legitimate approval features, and cash-out routes across victims, meaning each report exposes a wider network. Address poisoning remains another critical vector, where scammers send tiny "dust" funds to similar addresses to trick users into sending assets to fraudulent destinations instead of legitimate ones.
Scam Sniffer advises users to double-check all signature requests, avoid rushed transactions, and utilize scam detection extensions to mitigate risk. In a similar recent case, a wallet holder lost $1.65 million after connecting to a fake exchange and signing a malicious contract. MetaMask responded to these evolving threats by launching live address poisoning detection in June, a tool that compares pasted addresses against previously interacted ones to prevent accidental transfers to spoofed accounts.